Appl. No.: 10/748,980 

Amdt. dated April 30, 2007 

Reply to Official Action of January 10, 2007 

REMARKS/ARGUMENTS 

Applicant appreciates the thorough examination of the present application, as evidenced 
by the first Official Action. The Official Action rejects Claims 1-18 under 35 U.S.C. § 1 12, 
second paragraph, objecting to the language "position" and alleging that the claims are not clear 
as to its referring to geographic position or rank (or logical position). In response, Applicant has 
amended Claims 1-3, 7-9 and 13-15 to clarify the recited "position" as being a "logical position." 
Accordingly, Applicant respectfully submits that the rejection of Claims 1-8 as being indefinite 
is overcome. 

The Official Action also provisionally rejects Claims 1-3, 6, 7, 12-15 and 18 on the 
ground of non-statutory obviousness-type double patenting over U.S. Patent Application No. 
10/749,042 to Graff. In response, Applicant notes that at such time as this provisional rejection 
matures into an obviousness-type double patenting rejection with the issuance of the '042 
application, Applicant will respond accordingly, such as by filing a Terminal Disclaimer. 

Further, the Official Action rejects Claims 1-3, 6-9 and 12-18 under 35 U.S.C. § 102(e) 
as being anticipated by U.S. Patent Application Publication No. 2003/0087629 to Juitt et al; and 
rejects the remaining claims, namely Claims 4, 5, 10 and 1 1 under 35 U.S.C. § 103(a) as being 
unpatentable over Juitt, in view of Yolanta Beresnevichiene, A Role and Context based Security 
Model, Technical Report No. 558, 76-80. As explained below, however, Applicant respectfully 
submits that the claimed invention is patentably distinct from Juitt, alone or in combination with 
Beresnevichiene. Accordingly, Applicant traverses these rejections of the claims. Nonetheless, 
Applicant has amended various ones of the claims to further clarify the claimed invention, and 
added new Claims 19-26 to recite further patentable aspects of the present invention. In view of 
the amendments to the claims, the newly added claims, and the remarks presented herein, 
Applicant respectfully requests reconsideration and allowance of all of the pending claims of the 
present application. 
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A. Claims 1-3, 6-9 and 12-18 are Patentable over Juitt 

Briefly, Juitt discloses a system and method managing data traffic in wireless networks. 
As disclosed, the system includes a gateway server interposed between wireless access points 
and protected networks to provide security and integration functions. The gateway server 
includes an authentication subsystem, a role assigner and an access controller. In operation, the 
gateway server receives a request to access the protected network, and based on the request, the 
authentication subsystem authenticates the user. If the user is authenticated, the role assigner 
assigns a role to the user, where the role specifies network resources and degree of access to the 
protected network. The access controller may then provide differential access to the protected 
network based on the user's assigned role. 

According to one aspect of the present invention, as reflected in amended independent 
Claim 1, a system includes a terminal, server, and primary and secondary certification authorities 
(CA's). As recited, the terminal is configured to communicate within and/or across one or more 
networks, and is included within an organization including a plurality of terminals each of which 
is at one or more of a plurality of logical positions within the organization. The primary CA is 
configured to issue an identity certificate to each terminal of the organization, including being 
configured to provide an identity certificate to the respective terminal in the organization. The 
secondary CA is configured to provide one or more role certificates to the terminal based upon 
the logical position(s) of the terminal within the organization. In this regard, the organization 
includes a plurality of secondary CA's configured to issue role certificate(s) to respective groups 
of terminals of the organization based upon the logical position(s) of each of the respective 
terminals within the organization. Finally, the server is configured to authenticate the terminal 
based upon the identity certificate and the role certificate(s) of the terminal to thereby determine 
whether to grant the terminal access to one or more resources of the server. 

In contrast to amended independent Claim 1 , Juitt does not teach or suggest at least the 
recited secondary CA and server elements. Each of these elements will now be separately 
addressed. 



9 of 14 



Appl. No.: 10/748,980 

Amdt. dated April 30, 2007 

Reply to Official Action of January 10, 2007 

1. Secondary CA Providing Role Certificate(s) 

As indicated above, in contrast to amended independent Claim 1, Juitt does not teach or 
suggest a secondary CA configured to provide role certificateCs") to a terminal . The Official 
Action cites the role assigner of Juitt as corresponding to the recited secondary CA. As disclosed 
by Juitt, the role assigner of a gateway server assigns a role to an authenticated user, where the 
role includes one or more policies specifying the scope of performances permitted for the user. 
Nowhere, however, does Juitt teach or suggest that the assigned role or its policies are reflected 
in a digital certificate provided to the respective user, similar to the role certificate(s) of the 
claimed invention. Applicant acknowledges that during prosecution, the claims are to be given 
their broadest reasonable interpretation, but note that that interpretation must be consistent with 
the specification as well as the interpretation that those skilled in the art would reach. MPEP § 
21 1 1 {citing In re Cortright, 165 F.3d 1353, 1359 (Fed. Cir. 1999)). And given that certificates 
are well explained in the specification, and understood to those skilled in the art, nowhere does 
Juitt teach or suggest anything corresponding to the recited role certificate(s). 

2. Server Authenticating a Terminal based on Role Certificate(s) 

In further contrast to amended independent Claim 1, Juitt also does not teach or suggest a 
server configured to authenticate the terminal based on the role certificate(s) . Notably, the 
Official Action alleges that Juitt discloses authenticating a user based on an identity certificate (a 
generically disclosed certificate in Juitt), but does not cite to any disclosure of Juitt 
corresponding to authentication also being accomplished based on anything corresponding to a 
role certificate. Moreover, consider for the sake of argument (although expressly not admitted) 
the Official Action's interpretation of an assigned role as corresponding to the recited role 
certificate. Nowhere does Juitt teach or suggest authenticating the user based on the user's 
assigned role. Rather, Juitt explicitly discloses that the user is assigned a role after the user is 
authenticated . Moreover, given that the authentication server has prior information from which 
the user's role is assigned, Applicants respectfully submit that not only does Juitt fail to teach or 
suggest authenticating the user based on the user's assigned role, but that one skilled in the art 
would not be motivated to modify Juitt to authenticate the user based on the user's assigned role . 
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Applicant therefore respectfully submits that amended independent Claim 1, and by 
dependency Claims 2-6, is patentably distinct from Juitt. Applicant also respectfully submits 
that amended independent Claims 7 and 13, and new independent Claims 19 and 23, recite 
subject matter similar to amended independent Claim 1, including the provision of role 
certificate(s) to a terminal and authentication of the terminal based thereon. Thus, Applicants 
respectfully submit that amended and new independent Claims 7, 13, 19 and 23, and by 
dependency Claims 8-12, 14-18, 20-22 and 24-26, are also patentably distinct from Juitt for at 
least the same reasons given above with respect to amended independent Claim 1. 

Further, Applicant respectfully submits that various ones of dependent Claims 2-6 (and 
similarly Claims 8-12, 14-18, 20-22 and 24-26) recite features further patentably distinct from 
Juitt, two of which are explained below. 

3. Service Plans/Services of a Cellular Service Provider 
Amended dependent Claims 2 and 3, and similarly dependent Claims 8, 9, 14, 15, 20, 21, 
24 and 25, further recite that the organization within which the terminal is included comprises 
the customer base of a cellular service provider. As further recited by dependent Claim 2 (and 
similarly Claims 8, 14, 20 and 24), the position(s) in that organization (based on which role 
certificate(s) are issued) comprise service plans offered by the cellular service provider. And as 
further recited by dependent Claim 3 (and similarly Claims 9, 15, 21 and 25), the position(s) in 
that organization (based on which role certificate(s) are issued) comprise services offered by the 
cellular service provider. These features are also not taught or suggested by Juitt. 

In rejecting dependent Claims 2 and 3, the Official Action cites paragraph 0038 of Juitt as 
disclosing its wireless network 105 as supporting a cellular network. The Official Action then 
continues by alleging that "[i]t is inherent that a cellular network will be used by a cellular 
service provider," and that "[i]t is inherent that cellular providers have service plans." Official 
Action of Jan. 10, 2007, page 7. Applicant respectfully disagrees, and submits that not only has 
the Official Action failed to establish inherency of the aforementioned features, but that even if 
the disclosed wireless network 105 is a cellular network of a provider having service plans or 
services, Juitt still does not teach or suggest dependent Claims 2 or 3. 
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As disclosed in the MPEP, the Examiner bears the burden of establishing inherency in the 
prior art . More particularly, as explained in the MPEP, "In relying upon the theory of inherency, 
the examiner must provide a basis in fact and/or in technical reasoning to reasonably support the 
determination that the allegedly inherent characteristic necessarily flows from the teachings of 
the applied prior art." MPEP § 21 12 (quoting Ex parte Levy, 17 USPQ2d 1461, 1464 (Bd. Pat. 
App. & Inter. 1990) (emphasis in original)). To establish inherency, evidence must make clear 
that the missing descriptive matter is necessarily present in the prior art, and would be 
recognized as being present in the prior art by those skilled in the art. "Inherency, however, may 
not be established by probabilities or possibilities. The mere fact that a certain thing may result 
from a given set of circumstances is not sufficient." In re Robertson, 169 F.3d 743, 745 (Fed. 
Cir. 1999), citing Continental Can Co. v. Monsanto Co., 948 F.2d 1264, 1268, 1269 (Fed. Cir. 
1991) (emphasis added). 

In the instant case, the Examiner has failed to provide any facts or technical reasoning to 
support the conclusion that Juitt inherently discloses the aforementioned cellular service provider 
and service plans/services provided thereby. And more particularly, the Examiner has failed to 
cite any supporting evidence to establish that cellular networks are necessarily used by cellular 
service providers, or that cellular service providers necessarily provide a plurality of service 
plans or services. 

Moreover, Applicant respectfully submits that nowhere does Juitt disclose that its 
protected network (i.e., the network to which the user must be authenticated) is a cellular 
network. Rather, in the cited paragraph 0038 as well as in a number of other paragraphs, Juitt 
only discloses that the wireless network within which the user is operating to request access to 
another, protected network may be a cellular network. And Juitt fails to teach or suggest any 
authentication for the wireless network from which the user requests access to the protected 
network . Thus, even if Juitt did inherently support the wireless network including a provider 
offering service plans/services, Juitt still does not teach or suggest assigning a role to a user 
(allegedly corresponding to the recited role certificates) based on a service plan/service of a 
cellular service provider for that network. 



12 of 14 



Appl. No.: 10/748,980 

Amdt. dated April 30, 2007 

Reply to Official Action of January 10, 2007 

For at least the foregoing reasons, Applicant respectfully submits that Claims 1-3, 6-9 
and 12-18 are patentably distinct from Juitt, and that the rejection of those claims as being 
anticipated by Juitt is overcome. 

B. Claims 4, 5, 10 and 11 are Patentable over Juitt, in view of Beresnevichiene 

The first Official Action also rejects Claims 4, 5, 10 and 1 1 as being unpatentable over 
Juitt, in view Beresnevichiene. Applicant respectfully submits, however, that Beresnevichiene 
does not cure the defects of Juitt. That is, neither Juitt nor Beresnevichiene, taken individually or 
in any proper combination, teach or suggest the claimed invention. Accordingly, Applicant 
respectfully submits that that the claimed invention is patentably distinct from Juitt, in view 
Beresnevichiene. 

For at least the foregoing reasons, Applicant respectfully submits that the rejection of 
Claims 4, 5, 10 and 1 1 as being unpatentable over Juitt, in view of Beresnevichiene is overcome. 
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CONCLUSION 



In view of the amended claims, the added claims and the remarks presented above, 
Applicant respectfully submits that the present application is in condition for allowance. As 
such, the issuance of a Notice of Allowance is therefore respectfully requested. In order to 
expedite the examination of the present application, the Examiner is encouraged to contact 
Applicant's undersigned attorney in order to resolve any remaining issues. 

It is not believed that extensions of time or fees for net addition of claims are required, 
beyond those that may otherwise be provided for in documents accompanying this paper. 
However, in the event that additional extensions of time are necessary to allow consideration of 
this paper, such extensions are hereby petitioned under 37 CFR § 1.136(a), and any fee required 
therefore (including fees for net addition of claims) is hereby authorized to be charged to Deposit 
Account No. 16-0605. 
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